API Docs for SAX and DOM

SecurityManager.hpp

/*
 * Copyright 2003,2004 The Apache Software Foundation.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * $Log: SecurityManager.hpp,v $
 * Revision 1.4  2004/09/08 13:56:23  peiyongz
 * Apache License Version 2.0
 *
 * Revision 1.3  2004/01/29 11:48:46  cargilld
 * Code cleanup changes to get rid of various compiler diagnostic messages.
 *
 * Revision 1.2  2003/04/22 12:53:38  neilg
 * change const static member to an enum to make MSVC happy
 *
 * change ENTITY_EXPANSION_LIMIT from a static const data member to an enum
 * 
 * Revision 1.1  2003/04/17 21:58:49  neilg
 * Adding a new property,
 * http://apache.org/xml/properties/security-manager, with
 * appropriate getSecurityManager/setSecurityManager methods on DOM
 * and SAX parsers.  Also adding a new SecurityManager class.
 *
 * The purpose of these modifications is to permit applications a
 * means to have the parser reject documents whose processing would
 * otherwise consume large amounts of system resources.  Malicious
 * use of such documents could be used to launch a denial-of-service
 * attack against a system running the parser.  Initially, the
 * SecurityManager only knows about attacks that can result from
 * exponential entity expansion; this is the only known attack that
 * involves processing a single XML document.  Other, similar attacks
 * can be launched if arbitrary schemas may be parsed; there already
 * exist means (via use of the EntityResolver interface) by which
 * applications can deny processing of untrusted schemas.  In future,
 * the SecurityManager will be expanded to take these other exploits
 * into account.
 *
 * Initial checkin of SecurityManager
 *
 * $Id: SecurityManager.hpp,v 1.4 2004/09/08 13:56:23 peiyongz Exp $
 *
 */

#ifndef SECURITYMANAGER_HPP
#define SECURITYMANAGER_HPP

#include <xercesc/util/XercesDefs.hpp>

XERCES_CPP_NAMESPACE_BEGIN

/* Holds the entity expansion limit for a parser that is given this object
 * through its setSecurityManager method. */
class  SecurityManager
{
public:

    /* Default entity expansion limit. */
    enum { ENTITY_EXPANSION_LIMIT = 50000};

    /* Default constructor: starts with the default limit. */
    SecurityManager()
        : fEntityExpansionLimit(ENTITY_EXPANSION_LIMIT)
    {        
    }

    /* Destructor */
    virtual ~SecurityManager(){};   

    /* Replace the entity expansion limit with newLimit. */
    virtual void setEntityExpansionLimit(unsigned int newLimit) 
    {
        fEntityExpansionLimit = newLimit;
    }

    /* Return the entity expansion limit currently in effect. */
    virtual unsigned int getEntityExpansionLimit() const
    { 
        return fEntityExpansionLimit;
    }

protected:
    unsigned int fEntityExpansionLimit;

private:

    /* Unimplemented Constructors and operators */
    /* Copy constructor */
    SecurityManager(const SecurityManager&);
    
    /* Assignment operator */
    SecurityManager& operator=(const SecurityManager&);
};

XERCES_CPP_NAMESPACE_END

#endif
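How a limit such as ENTITY_EXPANSION_LIMIT stops the exponential entity expansion described in the log above, as an added example that is not Xerces-C code. ExpansionBudget, expand, doublingEntities and rejected are hypothetical names, the entity table is constructed sample data, and charging one unit per entity reference is an assumption about how the limit is counted.

```cpp
#include <cstddef>
#include <map>
#include <stdexcept>
#include <string>

// Hypothetical stand-in for the limit a SecurityManager carries (same default).
struct ExpansionBudget {
    unsigned int limit, used;
    explicit ExpansionBudget(unsigned int l = 50000) : limit(l), used(0) {}
};
typedef std::map<std::string, std::string> EntityTable;

// Expand each &name; reference, charging one unit per expansion (assumed
// accounting). Throws as soon as the budget is exceeded.
std::string expand(const std::string& text, const EntityTable& ents, ExpansionBudget& b) {
    std::string out;
    std::size_t i = 0, semi = 0;
    while (i < text.size()) {
        if (text[i] == '&' && (semi = text.find(';', i)) != std::string::npos) {
            EntityTable::const_iterator it = ents.find(text.substr(i + 1, semi - i - 1));
            if (it == ents.end()) throw std::runtime_error("undeclared entity");
            if (++b.used > b.limit) throw std::runtime_error("entity expansion limit exceeded");
            out += expand(it->second, ents, b);  // nested references are charged too
            i = semi + 1;
        } else {
            out += text[i++];
        }
    }
    return out;
}

// Constructed sample: e0 is literal text and each e(k) references e(k-1) twice,
// so a single &e(depth); reference costs 2^(depth+1) - 1 expansions.
EntityTable doublingEntities(int depth) {
    EntityTable t;
    t["e0"] = "x";
    for (int k = 1; k <= depth; ++k) {
        std::string prev = "&e" + std::to_string(k - 1) + ";";
        t["e" + std::to_string(k)] = prev + prev;
    }
    return t;
}

// True if the document was rejected rather than fully expanded.
bool rejected(int depth, unsigned int limit) {
    ExpansionBudget b(limit);
    try { expand("&e" + std::to_string(depth) + ";", doublingEntities(depth), b); }
    catch (const std::runtime_error&) { return true; }
    return false;
}
```

With the default limit of 50000, depth 14 (32767 expansions) is accepted and depth 15 (65535 expansions) is rejected, even though the two inputs differ by one short entity declaration.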


Copyright © 1994-2004 The Apache Software Foundation. All Rights Reserved.